Security news
Security news8 August 2007
Mass pump-and-dump scam causes spam level surge Single PDF spam campaign causes 30% increase in junk email level
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of a huge spam campaign in the last 24 hours, designed to manipulate the share price of a company which sells wireless products to young people. Sophos reports that the scale of the spam campaign is so great that it has resulted in the amount of spam seen by its global traps rising by 30% in the last 24 hours.
The spam messages are being sent to internet users worldwide, with an attached PDF file which urges them to buy shares in a company called Prime Time Group Inc. Investors may not be aware that the spammers have already purchased stock at a cheap price and are trying to artificially inflate its price by encouraging others to purchase more. The spammers plan to then sell off their stock at a profit, which may cause the price to plummet.
The massive spike in spam was first seen at Sophos's spamtraps in Germany at 16:40 BST yesterday, but was quickly seen arriving at other monitoring stations around the world. The email messages are being sent from compromised home PCs, turned into compromised zombies by hackers.
The pump-and-dump spam message encouraging recipients to purchase stock comes inside a PDF file.
Part of the message reads as follows:
IMAGINE IF YOU HAD THE CHANCE TO BUY A WAL-MART FRANCHISE IN MEXICO RIGHT WHEN IT FIRST OPENED ITS DOORS THERE AND ALL YOU NEEDED WAS A SMALL STAKE TO GET IN.
Hurry, we see this stock starting to make the turn NOW.
Big watch in effect for August 8, 2007!!!!
"The scale of this stock pump-and-dump spam campaign is like nothing we've seen before, and it looks like it is working for the cybercriminals behind it. The share price in this company has rocketed as a result of bogus news being blasted to internet users worldwide," said Graham Cluley, senior technology consultant for Sophos. "In an attempt to get past anti-spam products criminals are now regularly using PDF files to carry their slick enticements for potential investors. Although a solid anti-spam defense can protect against this menace, there are plenty of people who still haven't defended their email gateways and are being fooled into making an unwise investment."
The company's share price has rocketed as the huge spam campaign has convinced people to invest.
Last month, Sophos published its Security Threat Report July 2007, examining the latest trends in spam, malware and hacking. The report described the trend for spammers to use PDF files to try and escape detection by email gateway filtering products.
- Read more about the spam campaign on the SophosLabs blog
- Download "Sophos Security Threat Report July 2007"
- Download a podcast on the Sophos Security Threat Report July 2007 now
Sophos experts report that pump-and-dump stock campaigns account for approximately 25 percent of all spam, up from 0.8 percent in January 2005.
Earlier this year, Sophos reported how the US Securities and Exchange Commission (SEC) had suspended trading in 35 companies as they were found to be commonly referenced in pump-and-dump stock email campaigns.
Sophos recommends companies protect themselves with a consolidated solution which can defend against the threats of spam, hackers, spyware and viruses.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
